Zappos hit by massive data breach

Emma Woollacott, 16th January 2012

Amazon-owned online shoe retailer Zappos has warned that hackers have accessed the personal information of as many as 24 million of its customers.

The company says that information including names, addresses, phone numbers and email addresses has been exposed - along with, scrambled passwords and the last four digits of customers' credit cards.

It says the hackers gained access through one of the company's Kentucky servers, and stresses that the database holding critical credic card and other payment data was unaffected. It says it's already reset customers' passwords and is in the process of contacting customers and helping them set new passwords.

That's going to be a huge job, and the company is attempting to do it all by email.

"“In order to service as many customer inquiries as possible, we will be asking all employees at our headquarters, regardless of department, to help with assisting customers," says CEO Tony Hsieh in a statement to customers.

"We have made the hard decision to temporarily turn off our phones and direct customers to contact us by email because our phone systems simply aren’t capable of handling so much volume."

He says the company's now working with law enforcement to investigate the breach. It's warning customers to change passwords elsewhere if they've used the same one, and to be suspicious of any phishing emails asking for personal information.